webservice 用户验证 加密
最近一直在自学webservice,并且通过学习之后做了一个案例,基于WebService的用户身份验证;但是做了很长时间老是出现一下问题:System.Web.Services.Protocols.SoapException: 服务器无法处理请求。
希望博客园里边的朋友帮忙解决一下,先谢谢啦,有机会请请.
代码如下:
/// <summary>
/// UserHeader 的摘要说明(封装了用户名和密码)
/// </summary>
public class UserHeader : SoapHeader
{
public UserHeader()
{
}
string name;
string pwd;
public string Name { get { return name; } set { name = value; } }
public string Pwd { get { return pwd; } set { pwd = value; } }
}
WebService:
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class VerifyUserService : WebService
{
public UserHeader _userHeader;
public UserHeader UserHeader
{
get { return _userHeader; }
set { _userHeader = value; }
}
public VerifyUserService()
{
}
[SoapHeader("_userHeader", Direction = SoapHeaderDirection.InOut)]
[WebMethod]
public string ReturnLoginUser()
{
string Msg = string.Empty;
if (_userHeader == null)
Msg = "未初始化Web客户端实例";
else
{
string name = DataProtect.Decrypt(_userHeader.Name);//在服务器端进行解密
string pwd = DataProtect.Decrypt(_userHeader.Pwd);//在服务器端进行解密
string sql = "select count(*) from USERINFO where Name=:Name and PWD=:Pwd";
OleDbParameter[] cmdParameters ={ new OleDbParameter(":Name", OleDbType.VarChar, 10), new OleDbParameter(":Pwd", OleDbType.VarChar, 10) };
cmdParameters[0].Value = name;
cmdParameters[1].Value = pwd;
object result = OraDBHelper.ExecuteScalarSql(sql, cmdParameters);
if (!string.IsNullOrEmpty(result.ToString()))
{
if (int.Parse(result.ToString()) > 0)
Msg = "login success";
else
Msg = "login failed";
}
}
return Msg;
}
}
WebService客户端:
class Program
{
static void Main(string[] args)
{
Console.WriteLine("please input your name");
string name = Console.ReadLine();
Console.WriteLine("please input your password");
string pwd = Console.ReadLine();
UserHeader _uh = new UserHeader();
_uh.Name = DataProtect.Encrypt(name);//传输之前先加密
_uh.Pwd = DataProtect.Encrypt(pwd); //传输之前先加密
VerifyUserService vus = new VerifyUserService();
vus.UserHeaderValue = _uh;
string result = vus.ReturnLoginUser();//返回验证信息
Console.WriteLine("your login msg:{0}", result);
Console.ReadLine();
}
我的思路:将用户名和密码封装到SOAPHEADER,然后在传输之前对该SoapHeader进行加密,WebService服务器端进行解密,然后验证信息是否正确.
我的加密类:用的是对称加密.代码如下:
public class DataProtect
{
public DataProtect()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
private static string key;
private static string iv;
public static string Key
{ get { return key; } }
public static string Iv
{
get { return iv; }
}
/// <summary>
/// 随机生成密钥和初始化向量
/// </summary>
/// <returns></returns>
private static string GetKeyOrIv()
{
StringBuilder sb = new StringBuilder();
Random r = new Random();
while (sb.ToString().Length < 8)
{
int number = r.Next(10);
sb.Append(number);
}
return sb.ToString();
}
private static byte[] GetBytes(string str)
{
Encoding e = Encoding.Default;
byte[] result = e.GetBytes(str);
return result;
}
private static string GetString(byte[] b)
{
StringBuilder sb = new StringBuilder();
for (int i = 0; i < b.Length; i++)
{
sb.Append(b[i].ToString("x2"));
}
return sb.ToString();
}
/// <summary>
/// 加密数据(对称)
/// </summary>
/// <param name="txt">加密文本</param>
/// <returns></returns>
public static string Encrypt(string txt)
{ key = "12345678";
iv = "12345678";
byte[] key1 = GetBytes(key);
byte[] iv1 = GetBytes(iv);
SymmetricAlgorithm sa = new DESCryptoServiceProvider();
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, sa.CreateEncryptor(key1, iv1), CryptoStreamMode.Write);
StreamWriter sw = new StreamWriter(cs);
sw.WriteLine(txt);
sw.Close();
cs.Close();
byte[] result = ms.ToArray();
ms.Flush();
ms.Close();
return GetString(result);
}
/// <summary>
/// 解密数据(对称)
/// </summary>
/// <param name="txt"></param>
/// <returns></returns>
public static string Decrypt(string txt)
{
key = "12345678";
iv = "12345678";
byte[] key1 = GetBytes(key);
byte[] iv1 = GetBytes(iv);
SymmetricAlgorithm sa = new DESCryptoServiceProvider();
MemoryStream ms = new MemoryStream(GetBytes(txt));
CryptoStream cs = new CryptoStream(ms, sa.CreateDecryptor(key1, iv1), CryptoStreamMode.Read);
StreamReader sr = new StreamReader(cs);
string result = sr.ReadLine();
sr.Close();
cs.Close();
ms.Close();
return result;
}
}
希望园子里的朋友帮忙解决一下,这个问题困扰了我好久,从网上查找资料也没有解决掉,在一次谢谢大家了
我的邮箱:slj1024@gmail.com
浙公网安备 33010602011771号